When i try to connect my client with identityServer, server log show next message:
this is my OpenIdConnectAuthenticationOptions:
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies"
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = "cliente1",
Authority = "https://localhost:44333/core",
RedirectUri = "http://localhost:57598/",
ResponseType = "id_token",
Scope = "openid email",
UseTokenLifetime = false,
SignInAsAuthenticationType = "Cookies",
});
}
and this is my identityServer client configuration:
new Client{
ClientName = "cliente1",
Enabled = true,
ClientId = "cliente1",
ClientSecrets = new List<Secret>
{
new Secret("secret".Sha256())
},
Flow = Flows.Implicit,
//RequireConsent = true,
//AllowRememberConsent = true,
RedirectUris = new List<string> {
"http://localhost:57598/"
},
PostLogoutRedirectUris = new List<string>{
"http://localhost:57598/"
},
AllowedScopes = new List<string>
{
Constants.StandardScopes.OpenId,
Constants.StandardScopes.Email,
//Constants.StandardScopes.OfflineAccess,
//"read",
//"write",
"webapi"
},
AccessTokenType = AccessTokenType.Reference,
IdentityTokenLifetime = 360,
AccessTokenLifetime = 360
},
What could be the problem? Thanks in advance
you're using MS's OpenID Connect middleware in your ASP.NET MVC application, which works with the Hybrid flow, but the Client's flow is set to Implicit. Set the flow to Hybrid (Flow = Flows.Hybrid), and it should work.